|
Avid Pro Audio CommunityHow to Join & Post • Community Terms of Use • Help Us Help YouKnowledge Base Search • Community Search • Learn & Support |
#1
|
||||
|
||||
iHELPERPC Ransomware...
I believe this is brand new ransomware. If you've heard of it and know how to defeat it, please let me know. Fortunately it's not my computers that have been affected.
Yesterday a friend's production computer became infected. Every file is encrypted with the extension .ihelperpc after the legitimate extension. Every folder has an html file with the Ransomware note. Even his images are now encrypted. After copying off any files he hopes to eventually decrypt he will be formatting the drives and reinstalling Windows 7. (He's stuck there because he has a Delta 1010 soundcard and Adobe Audition 3.0) Not sure when the last time his Windows 7 was patched and he wasn't running any anti-virus protection. Because of this I now have a new backup mantra: If it's not connected it can't be infected. Nightly, I plan to check I'm not infected, then plug in external drive, image to it, turn the computer off and unplug the external drive. That drive won't be plugged in again until the next night or I need to restore an image from it. Yes, I know that should have been my backup strategy from the get go, but it is what it is: A cautionary tale.
__________________
Take your projects to the next level with a non-union national read at reasonable rates Demos: brucehayward dot com SonoBus Source-Connect: brucehayward Options for Remote Direction |
#2
|
||||
|
||||
Re: iHELPERPC Ransomware...
Have you seen this from Avast on how to remove ransomware?
__________________
"Never believe anything you hear in a song." Tyrion Lannister, Game of Thrones Owner: Dragon Rock Productions LLC |
#3
|
|||
|
|||
Re: iHELPERPC Ransomware...
Quote:
Also do not surf the web or check email on your production machine, and never run with admin privileges. Make sure your surfing machine doesn't have R/W access to data shares. You MAY want to put your production and storage machines on a separate network. It is getting very very ugly even having an internet connection. |
#4
|
||||
|
||||
Re: iHELPERPC Ransomware...
Checked online for the Avast and AVG decryption tools, but no one has anything listed for ihelperpc yet.
And yes, it's becoming a very nasty, interconnected world.
__________________
Take your projects to the next level with a non-union national read at reasonable rates Demos: brucehayward dot com SonoBus Source-Connect: brucehayward Options for Remote Direction |
#5
|
||||
|
||||
Re: iHELPERPC Ransomware...
An FYI: I just found out that the paid version of Macrium Reflect has Macrium Image Guardian, which is supposed to protect an image from being encrypted by Ransomware. Even though I have the paid version on all 3 of my computers, I still plan to image to external drives and then unplug them.
__________________
Take your projects to the next level with a non-union national read at reasonable rates Demos: brucehayward dot com SonoBus Source-Connect: brucehayward Options for Remote Direction |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Ransomware attacks through Flash | unkJE | General Discussion | 7 | 05-24-2016 08:26 AM |